A Cobalt Strike tool to audit Active Directory user accounts for weak, well known or easy guessable passwords.
☆442Apr 1, 2022Updated 3 years ago
Alternatives and similar repositories for Spray-AD
Users that are interested in Spray-AD are comparing it to the libraries listed below
Sorting:
- Recon-AD, an AD recon tool based on ADSI and reflective DLL’s☆331Oct 20, 2019Updated 6 years ago
- Asynchronous Password Spraying Tool in C# for Windows Environments☆316Dec 19, 2023Updated 2 years ago
- Ps-Tools, an advanced process monitoring toolkit for offensive operations☆355Dec 1, 2020Updated 5 years ago
- Collection of beacon BOF written to learn windows and cobaltstrike☆362Feb 24, 2023Updated 3 years ago
- Enumerate all network shares in the current domain. Also, can resolve names to IP addresses.☆302Mar 4, 2020Updated 5 years ago
- Standalone version of my AES Powershell payload for Cobalt Strike.☆111Dec 27, 2019Updated 6 years ago
- Print Spooler Named Pipe Impersonation for Cobalt Strike☆271Jun 13, 2020Updated 5 years ago
- Using DInvoke to patch AMSI.dll in order to bypass AMSI detections triggered when loading .NET tradecraft via Assembly.Load().☆218Mar 5, 2020Updated 5 years ago
- Collection of Beacon Object Files☆633Nov 1, 2022Updated 3 years ago
- Run shellcode from resource☆259Dec 13, 2020Updated 5 years ago
- .NET IPv4/IPv6 machine-in-the-middle tool for penetration testers☆809Aug 28, 2022Updated 3 years ago
- .NET Project for Attacking vCenter☆553Nov 11, 2021Updated 4 years ago
- ☆71Sep 17, 2020Updated 5 years ago
- Fileless lateral movement tool that relies on ChangeServiceConfigA to run command☆1,606Jul 10, 2023Updated 2 years ago
- Evading WinDefender ATP credential-theft☆255Dec 2, 2019Updated 6 years ago
- Tool to create hidden registry keys.☆492Oct 23, 2019Updated 6 years ago
- Remove API hooks from a Beacon process.☆282Sep 18, 2021Updated 4 years ago
- ☆667Nov 17, 2021Updated 4 years ago
- .Net Assembly to block ETW telemetry in current process☆81May 14, 2020Updated 5 years ago
- Port of Invoke-Excel4DCOM☆104Oct 12, 2019Updated 6 years ago
- A tool to escalate privileges in an active directory network by coercing authenticate from machine accounts and relaying to the certifica…☆864Mar 20, 2023Updated 2 years ago
- C# Script used for Red Team☆723Nov 16, 2021Updated 4 years ago
- Process Injection☆766Oct 24, 2021Updated 4 years ago
- GhostBuild is a collection of simple MSBuild launchers for various GhostPack/.NET projects☆251Sep 26, 2020Updated 5 years ago
- .Net port of the remote SAM + LSA Secrets dumping functionality of impacket's secretsdump.py☆607Feb 16, 2023Updated 3 years ago
- Cobalt Strike kit for Lateral Movement☆678Feb 21, 2020Updated 6 years ago
- My collection of battle-tested Aggressor Scripts for Cobalt Strike 4.0+☆1,097Apr 19, 2023Updated 2 years ago
- This tool enables the compilation of a C# program that will execute arbitrary PowerShell code, without launching PowerShell processes thr…☆196Jul 26, 2020Updated 5 years ago
- Search files for extensions as well as text within.☆121Sep 28, 2021Updated 4 years ago
- PowerShell and Cobalt Strike scripts for lateral movement using Excel 4.0 / XLM macros via DCOM (direct shellcode injection in Excel.exe)☆328Mar 26, 2019Updated 6 years ago
- Dumping SAM / SECURITY / SYSTEM registry hives with a Beacon Object File☆216Oct 8, 2020Updated 5 years ago
- LSASS memory dumper using direct system calls and API unhooking.☆1,577Jan 5, 2021Updated 5 years ago
- Manual Map DLL injection implemented with Cobalt Strike's Beacon Object Files.☆152Sep 3, 2020Updated 5 years ago
- Run Rubeus via Rundll32☆207Apr 25, 2020Updated 5 years ago
- ☆198Mar 19, 2020Updated 5 years ago
- New UAC bypass for Silent Cleanup for CobaltStrike☆191Jul 14, 2021Updated 4 years ago
- ☆281Dec 30, 2020Updated 5 years ago
- ☆142May 4, 2022Updated 3 years ago
- Physmem2profit can be used to create a minidump of a target hosts' LSASS process by analysing physical memory remotely☆425Jul 27, 2022Updated 3 years ago